forked from smuellerDD/libkcapi
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGES
100 lines (88 loc) · 4.01 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Change 0.7.1:
* AEAD kernel interface is now upstreamed, reference the patches
in the documentation appropriately and remove the patches from the
kernel patch tree.
* Test: add rfc4106(gcm(aes)) tests to general test and to speed test
* Speed test: invoke the ciphers 10 times before time measurement to prime
the caches.
Change 0.7.0:
* AEAD kernel part does not relay MSG_TRUNC any more, thus using the
read syscall is more efficient.
* remove kcapi_cipher_setiv and add an IV parameter to all necessary
API calls. This prevents the requirement for a function call
and requiring the caller to maintain the IV buffer
* add vmsplice tests to test framework to make sure vmsplice is really
executed
* fix documentation style
* allow caller to specify which kernel interface (sendmsg / vmsplice)
is used for one-shot API calls. This implies extension of one-shot
API calls
* Update stream API tests for AEAD to use 16 IOVECs to test the latest
installment of the recvmsg interface of algif_aead
Change 0.6.5:
* Measuring speed of vmsplice vs sendmsg interfaces and added heuristic
to select the fastest implementation
* Enhance documentation to explain usage of API better
* added speed measuring tests in speed-test/
* return errno for all syscalls through the API return codes
for better error handling
* process kernel flag of MSG_TRUNG for AEAD ciphers
Change 0.6.4:
* Update AEAD interface patch
* Add new test invoking cipher instance multiple times (-d flag of test
application)
Change 0.6.3:
* Remove several sanity checks in the API functions. This shall allow
the invocation of edge conditions (like no plaintext, but AAD and tag).
The kernel contains the appropriate sanity checks too. Therefore there
is no harm in removing them.
* Add testing of long AAD: fill 16 pages with 65504 bytes AAD and 32 bytes
plaintext (stream API) and 15 pages AAD plus 16th page holding plaintext
(one-shot API).
* Update AEAD interface to allow arbitrary AAD sizes.
Change 0.6.2:
* update all vmsplice invocations to consider the limitations of the pipe
buffer of 16 pages (the limitation in the kernel is enforced by
vmsplice_to_pipe setting nr_pages_max and splice_from_pipe_feed which
iterates over the available pipe->nrbufs) - this fixes message digests and
symmetric operations for input data larger than 16 pages; the AEAD
cipher contains a sanity check that the input data size is not too large --
thanks to Amit Uttamchandani <[email protected]> for the bug report
* update aead/rng kernel pages to match 3.19-rc1
Change 0.6.1:
* fix compile error
Change 0.6.0:
* add kcapi_md_blocksize
* add stress / negative testing
* add hint to NETLINK_CRYPTO patch requirement
Change 0.5.0:
* kernel interface for AEAD and RNG changed
* add kcapi_rng_seed API call
Change 0.4.0:
* update AEAD cipher interface for current implemetation
* remove nonalinged API
-* add one-shot and stream API
* use zero copy interface for one-shot APi
* add tests to cover one-shot and stream API
* full documentation update
* stress testing the library and the AEAD/RNG implementation
Change 0.3.0:
* new kernel patch for AEAD/RNG interface
* Support for updated AEAD kernel interface
* Use of NETLINK_CRYPTO instead of getsockopt (code currently disabled due to
a bug in crypto/crypto_user.c -- see TODO)
Changes 0.2.1:
* Add automation to generate nicely formatted guidance documents out of source
code comments. See README.md for make targets generating the respective
guidance documents.
Changes 0.2.0:
* Add kcapi_aead_[enc|dec]_* calls for non-aligned requests
* Updated kernel patch to match what has been sent to LKML
* Documentation of API calls and data structures completed
* Add kcapi_md_digestsize
* Add sanity checking to IV setting API
* Add kcapi_pad_iv
* Add sanity check around getsockopt wrapper API call
* API documentation marks input / output parameters
* API documentation explains AEAD decryption EBADMSG error code
* Update of teets to cover all changed / new API calls